A dropper is a small helper program that facilitates the delivery and installation of malware.
Spammers and other bad actors use droppers to circumvent the signatures that anti-virus programs use to block or quarantine malicious code. It’s much easier to change the dropper, should its signature become recognized, than it would be to rewrite the malicious code-base.
Droppers, like many of their larger Trojan horse counterparts, can be persistent or non-persistent. Non-persistent droppers install malware and then automatically remove themselves. Persistent droppers copy themselves to a hidden file and stay there until they complete the task they were created for.
Droppers can be spread many ways, including by:
- Opening an infected e-mail attachment.
- Picking up a drive-by download on an infected website.
- Clicking a malicious link on a website or in an email.
- Using an infected flash drive.
Sometimes droppers are bundled with free utility programs (such as ad blockers) to avoid detection. When the free program executes, the dropper will first download and install malware before it unpacks and installs the legitimate utility.
Get in touch today to protect your digital assets from evolving Cyber Threats!!